Jump to content
MakeWebGames

DAMINK

Members
  • Posts

    134
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by DAMINK

  1. Sure thing boss :) I think i disliked 2 posts or maby 3 of his ever but anyway sure. I figured being told to "f u c k o f f" in a post warranted a reply but clearly not.
  2. Agree 100% with you adam and good luck with the site. I will register there after all.
  3. My point exactly. I never said i control my game from the database directly and write scripts. - - - Updated - - -   Pretty much the point i was trying to make, yet i notice one particular member did not go on the attack against you Kyle.
  4. ........................ [MENTION=68774]HauntedDawg[/MENTION] sure sure.....??.....
  5. This is what i was trying to get at earlier. Renaming your admin panel to ANYTHING wont make it harder to find. A sub domain may make it a little harder but ultimately if you do a basic test on the domain you find this info regardless. You could remove the admin controls completely and when you need them manually upload the file and use it then melt the file again. I guess that could work. However i do agree with [MENTION=64684]Dayo[/MENTION] Every control you want for your game is generally done from the database so there is no reason why you shouldnt just shell in........... Oh wait not everyone has a VPS or dedi to have that level of control do they? And not to mention its VERY easy to make a mistake while using the shell. Especially with database manipulation. phpmyadmin is a great tool for people that are not confident in having such a level of control.
  6. Fair enough [MENTION=67703]adamhull[/MENTION] To be fair i have had very little support here with my engine (grpg) so i guess a site that is active and does support the members would or could be a good idea.
  7. I dont get it. Your making a forum to basically replicate this one right? Anyway mybb? I would not join based on that alone to be honest however i have a long history of hating that software :)
  8. No matter how many admins/mods are here it appears you s h i t t y spammers are getting through. My advice would be to prevent new members from having a home page but also prevent them from having sigs until they get 10 QUALITY posts. Stupid f a r k i n spammers.
  9. Spammer piece of s h i t. Um isnt this vbulletin? Seriously take control of these spammers! Dont let them post there crap here. Its really not that hard to control them if you take just a little effort.
  10. That is a seriously long way around what is ultimately the same thing right [MENTION=65530]Coly010[/MENTION] admin.php, blah-blah.php, blah.domain.com, domain.com/blah are ALL going to do the same thing. They are all accessible to anyone should they be able to get the password and URL. Actually bots would scrape those places if you like it or not. Sure you could try deny via robots.txt but we know many scrapers wont listen to that anyways and robots.txt can often be a source of knowledge for said hackers. To move your admin functions to another domain is in my opinion dangerous and possibly creates more security issues. For the average site i would think just blocking access via .htaccess will suffice. Both with password and also with ip address. Even that becomes problematic given ip addresses are dynamic often and ip addresses can be spoofed. Keep in mind phpmyadmin default is a symlink but accessible to anyone that tries to access it via /phpmyadmin and same goes for /cpanel etc etc. Even big software makers like above dont try hide there scripts. I assume because its pointless. If you can access it via a browser then others can also.   The nuts and guts of what i think. Move your admin control to somewhere else. Even if its domain.com/admin1.php instead of just domain.com/admin.php. Setup a simple trap on a fake admin.php to catch anyone that tries to go there given no one should ever try. Automate an ip address ban to anyone that goes there.(very easy to do) My logic is this, script kiddies who get told of weaknesses then use google to find sites with this vulnerability. If your site does not have the "default" admin page then thats enough to prevent the average script kiddy. Beyond that you need to protect properly with .htaccess period. If someone wants to target your domain there going to find your admin area. Does not matter how hard you try hide it. WOW long post for me!
  11. I think your missing the point. If someone wants to take down/compromise a site one of the FIRST things i would imagine they do is a pentest. Get an idea of the structure of the site right? Get an idea of the server also. Once you get your info you begin your attack. If you really think hiding behind a subdomain will help you then sorry man i think your MAD!!!!!!!
  12. What difference does making a sub domain for admin stuff matter? If someone wanted to hack your game they would take the time to find out if and where the admin functions are right? A simple pentest should find subdomains. Seriously i cant find any benefit to making a subdomain as to change admin.php to asdfsdagfqettgqwragq43a5.php Same thing applies. You change the "default" so its harder for the hacker to find. But with a simple pentest you find this. In other words making a sub domain is a waste of time. If its just backing up databases then just put the backups OUTSIDE the doc root. Automate it to run a couple times a day and forget it. SO EASY ITS NOT FUNNY! Thats my 2 cents worth anyway.
  13. Pretty easy given im retired mate but thanks for your concern.
  14. I own http://www.prison-life.net and am considering selling it. Tried to give it away to a few (internet) mates but they cant code or dont want it. Not sure if anyone here would even want it to be honest. Its a basic grpg game with some stuff added. I did try get most things secured but am sure there are still issues. Consider it a FIX ME UP sort of game if you were interested. Test account setup username = Testing Password = testing123 You can register legitimately if you want. Be aware it does have email activation. The game is NOT READY for release so please dont complain about unfinished stuff. I am fully aware its not finished and would be selling it as is i guess.
  15. I guess im not "Everyone" then man. I spent years and years online, only to reflect and realize its all been wasted time. I want to direct my time on this crappy world to better things. My family and friends for example.
  16. Yea i had no intention of joining mostly because my days on the internet are almost over. I just wanted to give my first impressions as they ultimately are what draw people in.
  17. DAMINK

    Apologies

    hahhahahah sausage fest.
  18. Just checked it out. Colors are horrible to my way of thinking. Very little separation between each post which makes it even harder to read. Just giving my opinion is all.
  19. Impressive looking game i have to say from what i can see above. I would love to have a play with it.
  20. If you want a quality design i would have to recommend W3Theory-Peter. He is not the cheapest but his work is of a very high quality. As for putting it on your site, well that should be pretty easy depending on the sites structure. You really should give a bit more info i think Tommy regarding that. If its a static website then a layout would be simple but if it was a forum like VB then its a bit more complicated.
  21. I tried to register a couple times. Captcha was being stupid so gave up.
  22. Oh ok i thought it was viewable in the source of the html when it was a comment in a php file.
  23. Am i wrong in thinking just having comments in your code can be a security risk? Depending on what you put there obviously however any comment does become readable right. Any information to a potential hacker has to be a bad thing.
  24. Watched it today myself. Personally i did not like it at all and my advice would be don't buy it! Watch it if you get it free but that's about it. 5/10 and that's being generous.
  25. lol you got caught talking to a bot there fella. Anyway i will buy some off ya. Hit me up when you get online.
×
×
  • Create New...